package com.lanou.realm;

import com.lanou.bean.Account;
import com.lanou.bean.AdminInfo;
import com.lanou.bean.Module;
import com.lanou.bean.Role;
import com.lanou.service.AdminInfoService;
import com.lanou.service.ModuleService;
import com.lanou.service.RoleService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import javax.annotation.Resource;
import java.util.ArrayList;
import java.util.List;

/**
 * Created by dllo on 18/3/7.
 */
public class MyRealm extends AuthorizingRealm {

    @Resource
    private AdminInfoService adminInfoService;
    @Resource
    private RoleService roleService;
    @Resource
    private ModuleService moduleService;

    @Override
    public String getName() {
        return "MyRealm";
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof UsernamePasswordToken;
    }

    //    授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("授权开始");
        AdminInfo adminInfo = (AdminInfo) principalCollection.getPrimaryPrincipal();
        List<String> rList = new ArrayList<>();
        List<String> mList = new ArrayList<>();
        List<Module> moduleList = moduleService.module(adminInfo.getAdminCode());
        System.out.println("授权"+moduleList);
        for (int i=0;i<moduleList.size();i++){
            String module = moduleList.get(i).getName();
            mList.add(module);
        }
        System.out.println("权"+mList);
        //角色
        List<AdminInfo> adminInfoList = adminInfoService.findAdminById(adminInfo.getAdminCode());
        System.out.println("角色"+adminInfoList);
        for (int i=0;i<adminInfoList.size();i++){
            List<Role> roleList = adminInfoList.get(i).getRoleList();
            for (int j=0;j<roleList.size();j++){
                String role = roleList.get(i).getName();
                rList.add(role);
            }
        }
        System.out.println("角"+rList);
        /*List<Role> roleList = roleService.role(adminInfo.getAdminCode());
        System.out.println("角色"+roleList);
        for (int i=0;i<roleList.size();i++){
            String role = roleList.get(i).getName();
            rList.add(role);
        }
        System.out.println(rList);*/

//        授权信息对象,用来保存所有的角色和权限信息
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.addStringPermissions(mList);
        info.addRoles(rList);
        return info;
    }

    //    认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //        1.获取token中的用户名
        String username = (String) authenticationToken.getPrincipal();
        String password = new String((char[]) authenticationToken.getCredentials());
//        可以用service层判断用户名是否存在的方法,假数据要去数据库中进行查询
        String uname = adminInfoService.login(username,password).getAdminCode();
        String psw = adminInfoService.login(username,password).getPassword();
        if (!uname.equals(username)) {
            throw new UnknownAccountException("未知账号/没有账号");
        }
        if (!psw.equals(password)) {
            throw new IncorrectCredentialsException("密码错误");
        }
        AdminInfo adminInfo = new AdminInfo();
        adminInfo.setAdminCode(uname);

        return new SimpleAuthenticationInfo(adminInfo, password, getName());
    }
}
